mirror of
https://github.com/Infisical/infisical.git
synced 2026-01-10 16:08:20 -05:00
42 lines
3.1 KiB
Plaintext
42 lines
3.1 KiB
Plaintext
---
|
|
title: "What is Infisical?"
|
|
sidebarTitle: "What is Infisical?"
|
|
description: "The open source platform for managing secrets, certificates, and secure infrastructure access."
|
|
---
|
|
|
|
## What is Infisical?
|
|
|
|
[Infisical](https://infisical.com) is the [open source](https://github.com/Infisical/infisical), all-in-one platform for secrets, certificates, and privileged access management.
|
|
|
|
It provides modern security workflows — including secrets rotation, dynamic credentials, access approvals, and SSH certificate-based access — all within one platform designed for developers, infrastructure, and security teams.
|
|
|
|
Start managing secrets securely with [Infisical Cloud](https://app.infisical.com) or learn how to [host Infisical](/self-hosting/overview) yourself.
|
|
|
|
## Why use Infisical?
|
|
|
|
Managing secrets, credentials, and infrastructure access is a critical concern for engineering teams. As infrastructure scales and environments become more complex, [secrets start to sprawl](https://infisical.com/blog/what-is-secret-sprawl) — across codebases, CI/CD pipelines, configuration files, and cloud services. This makes them difficult to track, rotate, and secure.
|
|
|
|
Without proper management, secret sprawl turns into risk: hardcoded credentials, unrotated keys, fragmented access controls that attackers can exploit amongst other things.
|
|
|
|
Infisical addresses this challenge by providing an all-in-one platform and workflows to:
|
|
|
|
- Securely store and manage application secrets from development to production.
|
|
- Scan code and pipelines for exposed credentials.
|
|
- Automate X.509 certificate issuance and renewal.
|
|
- Manage SSH access using short-lived, policy-driven certificates.
|
|
- Encrypt and decrypt sensitive data with centralized key control.
|
|
- Audit every access, credential use, and change.
|
|
|
|
Infisical is designed to integrate cleanly into your stack—improving security without adding complexity.
|
|
|
|
## What does Infisical include?
|
|
|
|
Infisical consists of several tightly integrated products, each designed to solve a specific part of the infrastructure security surface:
|
|
|
|
- [Secrets Management](/documentation/platform/secrets-mgmt/overview): Securely store, access, and distribute secrets across environments with fine-grained controls, automatic rotation, and audit logging.
|
|
- [Secrets Scanning](/documentation/platform/secret-scanning/overview): Detect hardcoded secrets in code, CI pipelines, and infrastructure—integrated with GitHub, GitLab, Bitbucket, and more.
|
|
- [Certificate Management](/documentation/platform/pki/overview): Issue and manage X.509 certificates using protocols like EST, with support for internal and external CAs.
|
|
- [Infisical SSH](/documentation/platform/ssh/overview): Provide short-lived SSH access to servers using certificate-based authentication, replacing static keys with policy-driven, time-bound control.
|
|
- [Infisical KMS](/documentation/platform/kms/overview): Encrypt and decrypt data using centrally managed keys with enforced access policies and full audit visibility.
|
|
- [Infisical PAM](/documentation/platform/pam/overview): Manage access to resources like databases, servers, and accounts with policy-based controls and approvals.
|